ABOUT THE INFORMATION SECURITY OFFICE

The mission of the Information Security Office (ISO), as required by state law, is to assure the security of the university's Information Technology (IT) resources and the existence of a safe computing environment in which the university community can teach, learn, and conduct research.

The ISO collaborates with campus IT leaders and university audit, compliance, and legal units to support the university's teaching, research, and public service missions.

Follow The Information Security Office!

Get the most relevant cyber security news, tips and tricks, and UT security updates right on your feed!

Incident Management

The ISO manages incident response, investigation, and reporting. This includes performing network intrusion detection and conducting forensic criminal and administrative investigations, receiving and processing security incident complaints, and overseeing recovery, and restoration for security-related events. The ISO takes permitted or required actions to protect university IT resources in consultation with appropriate executive management.

Policy and Standards

The ISO provides direction for university security policies and practices to protect critical resources and services and aid campus units with department security goals and compliance requirements. The ISO creates security policies and standards for approval by university leadership, and evaluate existing and emerging security-related laws, regulations, and policies for compliance goals.

Management Support

The ISO assists technology managers with security administration, implementation, and management. This includes testing and evaluating security technologies, advising on security related technology projects, and aiding management of security technology, with special emphasis on mission critical IT resources.

Monitoring and Testing

The ISO conducts institutional security testing and monitoring in support of policy enforcement and operational assurance. The ISO monitors computer and network resources for suspicious activity and test information resources for security vulnerabilities. This includes performing network intrusion detection, conducting security scanning of university computers, testing IT Web-enabled services, and conducting intelligence analysis to identify security threats. The ISO assures all departmental security monitoring and testing activities are compliant.